Have you heard that OPM is sending written notice if your information got hacked by the Chinese?

Maj Mike Sciales — Sun, 11 Oct 2015 16:02:59 -0400

The Office of Personnel Management got hacked and several many millions of names were obtained. The OPM director resigned. There is now a vendor in place, MyID Care. They won the contract to provide credit monitoring and identity theft protection at no charge to victims. I checked the web site, looked at the notice of bids, the announcement of selection and all the rest. This is a good deal and members notified need to take advantage of this free for you protection. https://www.opm.gov/blogs/Director/2015/10/1/Notifying-Those-Impacted-by-the-Recent-Cyber-Intrusion/

Notifying Those Impacted by the Recent Cyber Intrusion - The OPM Director's Blog

Yesterday, we began mailing notification letters to the individuals whose personal information was stolen in a malicious cyber intrusion carried out against the Federal Government. Impacted individuals will be notified by OPM via U.S. Postal Service mail. Email will not be used.       The letters being mailed to those affected by this incident will describe the comprehensive suite of identity theft protection and...

Response by MSgt Curtis Ellis made Oct 11 at 2015 4:24 PM

MSgt Curtis Ellis — Sun, 11 Oct 2015 16:24:24 -0400

A little confused as this was done quite some months ago...
I received my notification from OPM, opted for the CSID/OPM credit monitoring and $1Mil insurance (free) for 3 years.
Though your article is dated 1 Oct, I am not familiar with MyID Care or any of the other sites linked in the attached article you have, or that there was a "bid" for this protection.
The CSID/OPM link that I have been using https://www.csid.com/OPM/ is the only one I'm familiar with that was sent to me with the notification letter from OPM, as I said, quite a few months ago... so is this something new?

OPM

Response by LCDR Private RallyPoint Member made Oct 11 at 2015 8:16 PM

LCDR Private RallyPoint Member — Sun, 11 Oct 2015 20:16:34 -0400

This is a good deal. If you were impacted by the breach this is something that can help.

Response by PO1 John Miller made Oct 14 at 2015 5:01 AM

PO1 John Miller — Wed, 14 Oct 2015 05:01:38 -0400

That will take a while! Since thousands of people's information supposedly got hacked I imagine it will be a while before everyone gets their letter.
Since I have an active security clearance to this day, I am almost certain I will be receiving a letter of my own.

Response by TSgt Gregory Gann made Oct 20 at 2015 3:30 PM

TSgt Gregory Gann — Tue, 20 Oct 2015 15:30:33 -0400

Yes, but the PIN they sent in the letter doesn't seem to be working.
Nothing's ever simple when it involves the government.

Response by CSM Brian Vanwagner made Nov 18 at 2015 7:19 AM

CSM Brian Vanwagner — Wed, 18 Nov 2015 07:19:37 -0500

I just got a letter from OPM and went to the web site. Is this for real? If they know who I am and can send me a letter why do they need all the information someone would need to steal my Identity? How do we know if this site isn't doing what they say they are protecting us against?

Response by MAJ Private RallyPoint Member made Nov 18 at 2015 10:31 AM

MAJ Private RallyPoint Member — Wed, 18 Nov 2015 10:31:48 -0500

I received mine yesterday - 3 years of credit monitoring for my daughter and I. Chinese have our PII and the USG is only going to cover 3 years worth of credit monitoring. That's a sad gesture imo. They honestly should provide lifetime monitoring due to their negligence.

Response by CPT Ahmed Faried made Dec 3 at 2015 1:16 AM

CPT Ahmed Faried — Thu, 03 Dec 2015 01:16:56 -0500

i received one.

Response by CPL Dan Larios made Dec 14 at 2015 4:26 PM

CPL Dan Larios — Mon, 14 Dec 2015 16:26:35 -0500

I can just see a chinese using my name I am spanish/mexican/yaqui indian I can just see the look onhis face ha ha

Response by Amn Edith Scharff made Dec 17 at 2015 5:12 PM

Amn Edith Scharff — Thu, 17 Dec 2015 17:12:59 -0500

SCAM!!!! DON'T SIGN UP!!!

Response by Amn Edith Scharff made Dec 17 at 2015 5:13 PM

Amn Edith Scharff — Thu, 17 Dec 2015 17:13:56 -0500

It's a TOTAL SCAM!!!!!! Any website that asks for your birthday, social, address, dob, etc is CERTAINLY going to steal your identity with YOUR PERMISSION!!! DON'T SIGN UP!!!

Response by Sgt Jeff M. made Jan 3 at 2016 1:02 PM

Sgt Jeff M. — Sun, 03 Jan 2016 13:02:53 -0500

First off, it's NOT a scam -- IF you go to https[colon-dbl-slash]http://www.opm.gov[slash]cybersecurity and go from there.
If you've already gotten the OPM sign-up letter, and you hover over the "Sign In" area near the bottom, it clearly shows "myidcare[dot]com" -- I agree it is NOT obvious, so *BE CAREFUL*! Do NOT sign in from any "email links" -- go directly to the OPM dot GOV slash cybersecurity site or directly to the MyIDCare dot com site -- NOT from any links in email! Emails can be faked.

What I find funny (and SCARY) is that THIS site (RallyPoint) asks to be able to MODIFY MY CONTACTS! THAT is questionable! There is ABSOLUTELY *ZERO* REASON FOR THAT! RallyPoint should NEVER *EVER* NEED TO *MODIFY* nor, for that matter, even be able to READ my "gmail" contacts - that sounds like "marketing junk" to me -- as in, "Hey, we need to be able to grab your contacts out of your gmail and use them for marketing -- oh, and hey, by they way, we may secretly "write a NEW contact" into your contacts, just because we can! NO SITE SHOULD EVER ASK FOR NOR NEED ABILITY TO *READ* OR *MODIFY* MY / YOUR CONTACTS!

Thanks, and Semper Fi!
Sgt TJ Mason, USMC, retired

Response by Hilda Brant made Apr 10 at 2016 1:15 AM

Hilda Brant — Sun, 10 Apr 2016 01:15:52 -0400

Hi all. I just got a MyIDCare email and it seemed odd - which is why googled them and found you.

OPM's letter says they contracted with ID EXPERTS. It also says "Please note that OPM and ID Experts will not contact you to confirm any personal information. If you are contacted by anyone asking for our persnal information in relation to this incident, do not provide it."

What a mess.

Response by Michelle S. made Aug 2 at 2016 11:55 AM

Michelle S. — Tue, 02 Aug 2016 11:55:09 -0400

I am glad they are taking steps to protect the individuals at risk. However, I fail to see how authorizing their unnamed service providers "WHICH MAY INCLUDE CONSUMERINFO.COM, INC. (“CIC”)" to use my PII at their discretion achieves that end. The fact that the Terms & Conditions do not state which 'service providers' will be authorized to use our Social Security Numbers to access our credit reports, or how they will be using it, is enough to think twice. Also, it is important to note section 4B clearly states we cannot hold them liable for damages if damages are incurred through the use of their service. Finally, CSID reserves the right, in their privacy policy, to share any information collected about you even AFTER you close your account. I fail to see how this will help us in any way.

The Terms & Conditions state, "YOU UNDERSTAND THAT BY ENROLLING IN THE MYIDCARE PROGRAM FOR OPM (THE “OPM PROGRAM”), YOU ARE PROVIDING "WRITTEN INSTRUCTIONS" ... FOR IDEXPERTS, CSIDENTITY CORPORATION (“CSID”) AND THEIR RESPECTIVE SERVICE PROVIDERS, WHICH MAY INCLUDE CONSUMERINFO.COM, INC. (“CIC”), TO OBTAIN INFORMATION FROM YOUR PERSONAL CREDIT PROFILE FROM EXPERIAN, EQUIFAX, AND TRANSUNION,...YOU AUTHORIZE CSID AND ITS SERVICE PROVIDERS TO USE YOUR SOCIAL SECURITY NUMBER TO ACCESS YOUR PERSONAL CREDIT PROFILE, TO VERIFY YOUR IDENTITY, AND TO PROVIDE CREDIT MONITORING, REPORTING AND SCORING PRODUCTS AND TO PROVIDE THE ADDITIONAL PRODUCTS AND/OR SERVICES TO YOU, INCLUDING, BUT NOT LIMITED TO, ADDRESS HISTORY REPORTS, NAME AND ALIAS REPORTS, CRIMINAL OR SEX OFFENDER REPORTS, AND TO PROVIDE MONITORING AND/OR ALERTS TO YOU"
CSID Privacy Policy states, "We may collect personal information from which you can be identified, such as your name, date of birth, postal and e-mail address, phone number, national identifier or social security number (as applicable) and credit card details...We will use this data to access and monitor various data sets that you request us to monitor as part of your identity protection service and for the prevention and detection of fraud. When you close your account, we may continue to share information about you according to our legal and regulatory requirements."
4.B. Disclaimer of Warranties and Limitation of Liability states, "NEITHER ID EXPERTS OR THE SERVICE PROVIDERS NOR ANY OF THEIR RESPECTIVE AFFILIATES SSUME ANY LIABILITY FOR DAMAGES, DIRECT OR INDIRECT, CONSEQUENTIAL OR INCIDENTAL, IN CONNECTION WITH THE PERFORMANCE OF THE SERVICES OR YOUR REQUEST, USE OR ATTEMPTED USE OF THE SERVICES...THE AGGREGATE LIABILITY OF ALL SUCH PARTIES TO YOU IN ANY EVENT IS LIMITED TO THE AMOUNT WHICH HAS BEEN PAID ON YOUR BEHALF FOR YOUR MEMBERSHIP.
...which is Zero. So if they have a security breach they owe us nothing.

Response by Ann Santini made Dec 21 at 2016 12:09 PM

Ann Santini — Wed, 21 Dec 2016 12:09:00 -0500

I received a letter for my husband who passed away in March. Should I do anything about this letter to protect him even though he is deceased? I found this site searching for answers on what I should do and if this myIDcare was ligit Thank you if you can assist. He was in the Navy too.

A. Housley